I believe a hacker got hold of everyone's account at mtgox. This hacker then executed a looping script that logged into a number of accounts one by one and issued a sales order for the full BTC balance in these select accounts. After 2 minutes, the loop was completed and all BTC held in the mtgox clients' accounts were offered for sale on the mtgox market.

This drove the price of BTC down to almost nothing. mtgox has a withdrawal limit of 1000$ equivalent BTC per 24 hour period. With the price at almost nothing, the hacker could withdraw almost any amount of BTC he wished from different accounts. I think in a few days or weeks some people will learn they have lost a fortune in this attack.

We must face the reality that mtgox is short on BTC. They do not have the BTC they claim they have.

This is just a warning. I am not saying it is the case that this happened. Just that it is a possibility.

And you can't have a script selling many small amounts from only 1 account?

You have to think here. The passwords/accounts of every account are out! Then you get thousands of micro sales with a bunch of big sales moments before. For a total sum larger than any account in the blockexplorer. Look at the evidence!

If someone put in a single order to sell 50,000 BTC at $.01 then however many small buy orders were out there would have all been executed as different transactions, and there would now be thousands of people that bought BTC at prices all the way down to $.01. It is more likely that a single large account created those transactions rather than a lot of individual accounts.

All leaked passwords are either MD5 hashes or FreeBSD MD5 crypt() hashes. The attacker must have changed all hashes to a known one in order to be able to log into each other user's account. It's not impossible to execute a simple UPDATE query given the fact that the entire passwords database was dumped. Then it would be impossible for you to log into your MtGox account unless the hacker has restored the original hashes.

Most people have never tried to code a big exchange market, so they have no idea how they work, or what they look like in action. Those of us who have aren't fooled.

The exchange has two lists, one for buy orders, one for sell orders. The order matcher finds the buy order with the highest amount, and the sell order with the lowest amount. If there is a tie in either of these, it will go to the oldest one. If there is an overlap, a sale is recorded, balances are updated, the smaller order is closed, the larger order is decremented by the size of the smaller order (or if they were the exact same size, they both close). Rinse, repeat.

A large order, like selling 500,000 coins for not less than 0.01 $ each, will hit thousands of buy orders, one by one as it chews through the order book.
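The matching loop described above, as an added example that is not part of the original post and not MtGox's code: one sell order with a low limit price walks the buy side in price-time order and is recorded as many separate trades. The book contents, the rule that each trade prints at the resting buy order's price, and all names are assumptions.

```python
import heapq
from decimal import Decimal as D

# Constructed buy side of the book: (price, arrival sequence, quantity).
BIDS = [
    (D("17.50"), 1, D("100")),
    (D("17.50"), 2, D("40")),      # same price as #1, arrived later
    (D("15.00"), 3, D("500")),
    (D("10.00"), 4, D("2000")),
    (D("1.00"), 5, D("10000")),
    (D("0.01"), 6, D("100000")),
    (D("0.005"), 7, D("999")),     # below the seller's limit, never hit
]

def match_sell(bids, qty, limit):
    """Match one incoming sell order against resting buy orders.

    Highest bid first, oldest first on a tie. Returns (trades, unfilled),
    where each trade is (price, quantity, bid sequence number).
    """
    # heapq is a min-heap, so negate the price to pop the highest bid first;
    # the sequence number breaks ties in favour of the oldest order.
    heap = [(-price, seq, q) for price, seq, q in bids]
    heapq.heapify(heap)
    trades = []
    while qty > 0 and heap and -heap[0][0] >= limit:
        neg_price, seq, bid_qty = heapq.heappop(heap)
        fill = min(qty, bid_qty)
        trades.append((-neg_price, fill, seq))   # assumed: prints at bid price
        qty -= fill
        if bid_qty > fill:
            # The larger order stays open, reduced by the size of the fill.
            heapq.heappush(heap, (neg_price, seq, bid_qty - fill))
    return trades, qty

def summarize(trades):
    """Trade count, distinct counterparties, last traded price."""
    return len(trades), len({seq for _, _, seq in trades}), trades[-1][0]

if __name__ == "__main__":
    trades, unfilled = match_sell(BIDS, D("50000"), D("0.01"))
    for price, fill, seq in trades:
        print(f"sold {fill} @ {price} to bid #{seq}")
    print("summary:", summarize(trades), "unfilled:", unfilled)
```

A trade log produced this way shows one seller and many buyers at falling prices, so the number of trades alone does not indicate how many selling accounts were involved.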

I don't want to be the guy carrying the bad news. Don't shoot me! I'm just the messenger! But I also believe MtGox's coins had been depleted. MtGox has a 1000 USD limit or equivalent BTC, at 0.01 this means 100,000 btc can be withdrawn at once. By seeing the users file, I come to a conclusion that the attackers could use any number of those accounts, if not all, to trade and withdraw.

This is a snap of bitcoinmonitor during the attack, notice the last transactions leading to the 500K. Looks like the robber getting away with his heist.

... I'm a little bit confused. It is obvious that the stolen database wasn't used to mass sell on every account. Does that mean that the 400k btc withdrawal was unrelated? Or it was related in that the owner of that wallet had his password stolen from the mtgox database?

I don't want to be the guy carrying the bad news. Don't shoot me! I'm just the messenger! But I also believe MtGox's coins had been depleted. MtGox has a 1000 USD limit or equivalent BTC, at 0.01 this means 100,000 btc can be withdrawn at once. By seeing the users file, I come to a conclusion that the attackers could use any number of those accounts, if not all, to trade and withdraw.

This is a snap of bitcoinmonitor during the attack, notice the last transactions leading to the 500K. Looks like the robber getting away with his heist.

Just hope I'm wrong...

Things are getting clearer.

The hacker has access to many accounts with high BTC. He cannot withdraw because of the limit of 1000$ equivalent BTC. What does he do? He sells off tons of BTC to drive the price down to almost nothing. Then he empties any number of BTC he wishes. The coins are depleted, many people lost a fortune.